Legal

Privacy Policy

Last updated: January 2026. Your privacy is important to us. This policy explains how we handle your data.

Our Commitment to Privacy

At Chatsvia, a product of iiniit, we are committed to protecting your privacy and the privacy of your customers. We handle sensitive data including customer conversations, social account access tokens, and business information. This Privacy Policy explains our data practices so you can make informed decisions about using our service.

Information We Collect
  • Account Information: When you create an account, we collect your name, email address, and authentication credentials.
  • Social Account Data: We collect information about the Facebook Pages Business accounts you connect, including page names, profile pictures, and access tokens.
  • Conversation Data: We store customer conversations, messages, and interaction history to provide the messaging service.
  • Product & Order Data: We store your product catalog information and customer orders processed through the platform.
  • Usage Data: We collect information about how you use our service, including conversation volumes, bot interactions, and feature usage.
  • Payment Information: For paid subscriptions, billing is managed through iiniit's central billing system. We do not store full credit card numbers directly.
  • Device Information: We collect device type, browser type, IP address, and operating system for security and service optimization.
How We Use Your Information
  • To provide, maintain, and improve our messaging platform services.
  • To process and deliver messages between you and your customers via Facebook Messenger.
  • To generate AI-powered bot responses based on your product catalog and conversation context.
  • To manage your subscription and connected social accounts through iiniit's billing system.
  • To communicate with you about service updates, security alerts, and support requests.
  • To analyze usage patterns and optimize our platform's performance and user experience.
  • To detect, prevent, and address security issues, fraud, and abuse.
  • To comply with legal obligations and enforce our terms of service.
Conversation and Message Processing
  • Customer messages received through Facebook Messenger are stored in our database to provide the messaging service.
  • Messages are used to generate AI bot responses when bot mode is enabled for a conversation.
  • Conversation history is maintained so you and your agents can provide context-aware customer support.
  • We do not use your customer conversations to train our AI models or for any purpose other than providing the service.
  • You can delete conversation history through the platform. Deleted conversations are removed from our active databases.
Access Token Security
  • Access tokens for connected Facebook Pages Business accounts are encrypted using AES-256-GCM encryption.
  • Encrypted tokens are stored securely and only decrypted when needed to communicate with Meta's APIs.
  • We never share your access tokens with third parties except Meta's official APIs for message delivery.
  • You can revoke access by disconnecting social accounts from your Chatsvia dashboard at any time.
Data Sharing and Disclosure
  • We do not sell your personal data or customer conversation data to third parties.
  • We share data with iiniit's central services for billing and account management under strict data protection agreements.
  • We share messages with Meta (Facebook) APIs to deliver messages to your customers.
  • We share conversation context with AI model providers (such as OpenAI) to generate bot responses. These providers are bound by their own privacy policies and our data processing agreements.
  • We may disclose information when required by law, court order, or to protect the safety and rights of our users and the public.
  • In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.
Data Security
  • We implement industry-standard security measures including encryption in transit (TLS/SSL) and at rest.
  • Social account access tokens are encrypted using AES-256-GCM before storage.
  • Access to personal data is restricted to authorized personnel who need it to perform their job functions.
  • We regularly review and update our security practices to protect against unauthorized access, alteration, or destruction of data.
  • You are responsible for maintaining the security of your account credentials and for notifying us of any suspected unauthorized access.
Data Retention
  • We retain your account information as long as your account is active or as needed to provide services.
  • Conversation history is retained until you delete it or close your account.
  • Order data is retained for record-keeping and may be required for business and legal purposes.
  • We may retain certain data for a longer period as required by law or for legitimate business purposes (e.g., billing records).
  • When you delete your account, we will delete or anonymize your personal data within a reasonable timeframe, subject to legal requirements.
Your Rights and Choices
  • Access: You can access and download your personal data through your account settings.
  • Correction: You can update your account information at any time.
  • Deletion: You can request deletion of your account and associated data by contacting us.
  • Data Portability: You can export your conversation history and order data.
  • Disconnect Accounts: You can disconnect Facebook Pages accounts at any time.
  • Marketing Opt-out: You can unsubscribe from marketing emails at any time via the unsubscribe link in our emails.
Cookies and Tracking
  • We use essential cookies to maintain your session and provide core functionality.
  • We use analytics cookies to understand how users interact with our service and to improve the user experience.
  • You can control cookie preferences through your browser settings, though some features may not work properly without essential cookies.
International Data Transfers
  • Your data may be processed in countries where our servers and service providers are located.
  • We ensure appropriate safeguards are in place for international data transfers, including standard contractual clauses.
  • By using our service, you consent to the transfer of your data to these locations.
Children's Privacy
  • Chatsvia is not intended for use by children under the age of 16.
  • We do not knowingly collect personal data from children under 16.
  • If we become aware that we have collected data from a child under 16, we will delete that information promptly.
Changes to This Policy
  • We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.
  • We will notify you of material changes via email or through a notice on our service.
  • Continued use of the service after changes take effect constitutes acceptance of the updated policy.
  • We encourage you to review this policy periodically for any updates.

For privacy-related inquiries or to exercise your data rights, contact us at [email protected] or visit our iiniit Support.

If you are located in the EU/EEA/UK, you may have additional rights under GDPR. Please contact us to exercise these rights.